package com.njmt.cloud.msprovder.service.imp;

import com.njwt.cloud.mscommon.feign.client.AuthorityClient;
import com.njwt.cloud.mscommon.pojo.vo.AuthorityVo;
import com.njwt.cloud.mscommon.support.ApiResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;
import org.springframework.security.oauth2.provider.client.BaseClientDetails;
import org.springframework.stereotype.Component;
import com.alibaba.fastjson.JSON;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

/**
 * @author <a href="mailto:xingxiaofeng@gtmap.cn">xingxiaofeng</a>
 * @date 2022-06-02
 * @desc ClientDetailsServiceImpl
 */
@Component
public class ClientDetailsServiceImpl implements ClientDetailsService {
    private  static  final Logger log = LoggerFactory.getLogger(ClientDetailsServiceImpl.class);
    @Autowired
    private AuthorityClient authorityClient;
    @Override
    public ClientDetails loadClientByClientId(String chientid) throws ClientRegistrationException {
        ApiResponse apiResponse=authorityClient.getOauthClientDetailsByClientId(chientid) ;
        AuthorityVo model  = JSON.parseObject(JSON.toJSONString( apiResponse.getData(), true),AuthorityVo.class);
        if (model == null) {

            //throw new CommonException(SophiaHttpStatus.CLIENT_ERROR);
        }
        BaseClientDetails clientDetails = new BaseClientDetails();
        //客户端(client)id
        clientDetails.setClientId(model.getClientId());
        //客户端所能访问的资源id集合
        if (StringUtils.isNotEmpty(model.getResourceIds())) {
            clientDetails.setResourceIds(Arrays.asList(model.getResourceIds().split(",")));
        }
        //客户端(client)的访问密匙
        clientDetails.setClientSecret(model.getClientSecret());//(new BCryptPasswordEncoder().encode(model.getClientSecret()));
        //客户端支持的grant_type授权类型
        clientDetails.setAuthorizedGrantTypes(Arrays.asList(model.getAuthorizedGrantTypes().split(",")));
        //客户端申请的权限范围
        clientDetails.setScope(Arrays.asList(model.getScope().split(",")));
        Integer accessTokenValidity = model.getAccessTokenValidity();
        if (accessTokenValidity != null && accessTokenValidity > 0) {
            //设置token的有效期，不设置默认12小时
            clientDetails.setAccessTokenValiditySeconds(accessTokenValidity);
        }
        Integer refreshTokenValidity = model.getRefreshTokenValidity();
        if (refreshTokenValidity != null && refreshTokenValidity > 0) {
            //设置刷新token的有效期，不设置默认30天
            clientDetails.setRefreshTokenValiditySeconds(refreshTokenValidity);
        }
        clientDetails.isAutoApprove(model.getAutoapprove());
        log.debug("clientId是：" + chientid);
        return clientDetails;
      /*  BaseClientDetails clientDetails = new BaseClientDetails();
        clientDetails.setClientId(chientid);
        clientDetails.setClientSecret("thisissecret");
        clientDetails.setAuthorizedGrantTypes(Arrays.asList("refresh_token", "password", "client_credentials"));
        clientDetails.setScope(Arrays.asList("webclient", "mobileclient"));
        clientDetails.setResourceIds(Arrays.asList("resource","resource2"));
        Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
        GrantedAuthority authority = new SimpleGrantedAuthority("add:user");
        grantedAuthorities.add(authority);
        clientDetails.setAuthorities(grantedAuthorities);
        return clientDetails;*/
    }
}
